Questions on Information Security Stack Exchange are expected to relate to Information security within the scope defined by the community. Consider editing the question or leaving comments for improvement if you believe the question can be reworded to fit within the scope. Read more about reopening questions here.
If this question can be reworded to fit the rules in the help center, please edit the question.

1

Questions of legality can't really be answered on a Q/A site. It's dependent on your local laws and would really require that a lawyer advise you on the answer to the question. Some jurisdictions do attribute legal meaning to signatures, but there are also technical issues in terms of proving you are the private key holder.
–
AJ HendersonMar 22 '13 at 23:06

Maybe there are some general recommendations, or someone dealt with that in practice (or there are more-or-less-reliable stories about it)...
–
Vi.Mar 22 '13 at 23:11

they still wouldn't be valid in your locality. Local laws differ greatly and in some places there isn't even clear laws about it. Any general stories someone would have have no legal barring on your situation.
–
AJ HendersonMar 22 '13 at 23:25

1 Answer
1

Normally you don't ask whether your key has "legal value". You rather ask whether the key of somebody else has legal value, because that somebody else has signed a document but not followed up on his promises, and you want to sue him. That's a generic remark on the legality of digital signatures: if you are in a right frame of mind, you don't want to sign; you want other people to sign the messages they send to you. Because when you sign some document, in a legally binding way, you are really giving away legal weapons targeted at you.

Beyond that it gets complex because law is an area which has been practiced for thousands of years and the complexity has just accumulated since then; and every country has its own system. One big principle of signatures, though, is that your signature is legally binding if it was really produced by you. This looks obvious or even downright silly, but it expresses an important idea: in the eye of the Law, the technical means by which the signature was produced are of secondary importance. It is mostly a matter of burden of proof: if person A sues person B for not fulfilling the terms of a contract allegedly signed by B, is it A who should show elements proving that B really signed the contract, or B who should show elements proving that the so-called signature is fake ? When legal bodies take an interest in cryptographic software, it is mostly to establish on whom the burden of proof will be applied, should litigation occur.